mirror of
https://github.com/sshuttle/sshuttle.git
synced 2025-05-18 23:20:52 +02:00
Transparent proxy server that works as a poor man's VPN. Forwards over ssh. Doesn't require admin. Works with Linux and MacOS. Supports DNS tunneling.
0d460c0264
This patch checks to see if the client and the server are running on the same machine. The client creates a temporary file that the server then looks for. If the server finds the file, it knows it is on the same machine as the client and it deletes the file. Next, if the client detects that the file has been deleted by the server, it assumes that it is running on the same machine as the server. This check is necessary since a user may specify a remote host with "-r" that actually points back to the same machine the client is on. This commit uses tempfile.mkstemp() which was added in Python 2.3. Functionally, this commit does nothing except add a debug message about if the client and server are on the same machine. It also sets a variable which contains this information for potential future use. Potential future uses include... 1) If the TTL hack is removed, this can be used to print a error message since running the client and server on the same machine would no longer be supported. 2) If the TTL hack is continued, we could disable the hack when the client and the server are on different machines. |
||
|---|---|---|
| .github/workflows | ||
| bin | ||
| docs | ||
| sshuttle | ||
| tests | ||
| .gitignore | ||
| .prospector.yml | ||
| bandit.yml | ||
| CHANGES.rst | ||
| LICENSE | ||
| MANIFEST.in | ||
| README.rst | ||
| requirements-tests.txt | ||
| requirements.txt | ||
| run | ||
| setup.cfg | ||
| setup.py | ||
| tox.ini | ||
sshuttle: where transparent proxy meets VPN meets ssh
=====================================================
As far as I know, sshuttle is the only program that solves the following
common case:
- Your client machine (or router) is Linux, FreeBSD, or MacOS.
- You have access to a remote network via ssh.
- You don't necessarily have admin access on the remote network.
- The remote network has no VPN, or only stupid/complex VPN
protocols (IPsec, PPTP, etc). Or maybe you *are* the
admin and you just got frustrated with the awful state of
VPN tools.
- You don't want to create an ssh port forward for every
single host/port on the remote network.
- You hate openssh's port forwarding because it's randomly
slow and/or stupid.
- You can't use openssh's PermitTunnel feature because
it's disabled by default on openssh servers; plus it does
TCP-over-TCP, which has `terrible performance`_.
.. _terrible performance: https://sshuttle.readthedocs.io/en/stable/how-it-works.html
Obtaining sshuttle
------------------
- Ubuntu 16.04 or later::
apt-get install sshuttle
- Debian stretch or later::
apt-get install sshuttle
- Arch Linux::
pacman -S sshuttle
- Fedora::
dnf install sshuttle
- NixOS::
nix-env -iA nixos.sshuttle
- From PyPI::
sudo pip install sshuttle
- Clone::
git clone https://github.com/sshuttle/sshuttle.git
cd sshuttle
sudo ./setup.py install
- FreeBSD::
# ports
cd /usr/ports/net/py-sshuttle && make install clean
# pkg
pkg install py36-sshuttle
- macOS, via MacPorts::
sudo port selfupdate
sudo port install sshuttle
It is also possible to install into a virtualenv as a non-root user.
- From PyPI::
virtualenv -p python3 /tmp/sshuttle
. /tmp/sshuttle/bin/activate
pip install sshuttle
- Clone::
virtualenv -p python3 /tmp/sshuttle
. /tmp/sshuttle/bin/activate
git clone https://github.com/sshuttle/sshuttle.git
cd sshuttle
./setup.py install
- Homebrew::
brew install sshuttle
- Nix::
nix-env -iA nixpkgs.sshuttle
Documentation
-------------
The documentation for the stable version is available at:
https://sshuttle.readthedocs.org/
The documentation for the latest development version is available at:
https://sshuttle.readthedocs.org/en/latest/
Running as a service
--------------------
Sshuttle can also be run as a service and configured using a config management system:
https://medium.com/@mike.reider/using-sshuttle-as-a-service-bec2684a65fe